
Connect to Neptune on AWS from local machine

I am trying to connect to a Neptune DB in an AWS instance from my local machine in the office, like connecting to RDS from the office. Is it possible to connect to Neptune DB from a local machine? Is Neptune DB publicly available? Is there any way a developer can connect to Neptune DB from the office?

Sreeraju V asked Sep 30 '18 07:09


People also ask

How do I access AWS Neptune?

Sign in to the AWS Management Console, and open the Amazon Neptune console at https://console.aws.amazon.com/neptune/home . Navigate to the cluster detail page. In the Endpoints section, choose the name of the custom endpoint you want to edit.

How do I access Neptune data?

You can access property graph data in Neptune using both Gremlin and openCypher, but not using SPARQL. Similarly, you can only access RDF data using SPARQL, not Gremlin or openCypher.


2 Answers

Neptune does not support public endpoints (endpoints that are accessible from outside the VPC). However, there are a few architectural options with which you can access your Neptune instance from outside your VPC. All of them have the same theme: set up a proxy (an EC2 machine, or an ALB, or something similar, or a combination of these) that resides inside your VPC, and make that proxy accessible from outside your VPC.

It seems like you want to talk to your instance purely for development purposes. The easiest option for that would be to spin up an ALB, and create a target group that points to your instance's IP.

Brief steps (these are intentionally not detailed; please refer to the AWS docs for detailed instructions):

  1. dig +short <your cluster endpoint>
     This would give you the current master's IP address.
  2. Create an ALB (see the AWS docs on how to do this).
  3. Make your ALB's target group point to the IP address obtained in step #1. By the end of this step, you should have an ALB listening on PORT-A that would forward requests to IP:PORT, where IP is your database IP (from step 1) and PORT is your database port (default is 8182).
  4. Create a security group that allows inbound traffic from everywhere, i.e. an inbound TCP rule for 0.0.0.0 on PORT-A.
  5. Attach the security group to your ALB.

Now from your developer boxes, you can connect to your ALB endpoint at PORT-A, which would internally forward the request to your Neptune instance.

Do check out the ALB docs for details on how you can create it and the concepts around it. If you need me to elaborate on any of the steps, feel free to ask.

NOTE: This is not a recommended solution for a production setup. IPs used by Neptune instances are bound to change with failovers and host replacements. Use this solution only for testing purposes. If you want a similar setup for production, feel free to ask a question and we can discuss options.

The-Big-K answered Sep 28 '22 03:09


As already mentioned, you can't access it directly from outside your VPC.
The following link describes another solution using an SSH tunnel: connecting-to-aws-neptune-from-local-environment. I find it much easier for testing and development purposes. You can create the SSH tunnel with PuTTY as well.

Avner Levy answered Sep 28 '22 03:09